Nmap Development mailing list archives
Re: Nmap SoC Ideas?
From: jah <jah () zadkiel plus com>
Date: Sun, 14 Mar 2010 14:14:53 +0000
Hi folks,
Here's a semblance of an idea along similar lines to web based Nmap
scanning. It's something I've had rolling around in the back of my mind
and not considered in great depth - and I don't know if it has legs, but
it might be generally interesting to think about:
It's a distributed system of Nmap Scan providers made up of three basic
elements: Agents; Provider Interface and Negotiator Interface.
The Agent is a daemon/service running on a single host and performs the
following functions:
Invokes Nmap
Enforces a Policy which details the kinds of scans permitted and how
much work the host will accept.
Registers with the Provider Interface.
Provides policy, availability and status information to the Provider
Interface.
Accepts scan tasks from the Provider Interface.
Submits scan results to the Provider Interface.
The Provider Interface is a web service which manages one or more Agents
and is a bridge between Agents (possibly on a private network) and a
Negotiator Interface:
Queries agents for policy, availability and status information.
Submits Scan tasks to agents.
Provides policy, availability and status information to Negotiator(s).
The Negotiator Interface is a web service and public web application
which manages the accounts of its users and negotiates Nmap scanning
tasks on their behalf.
Front End
Users request scanning tasks.
Provides (real time) completion estimates and status reports.
Delivers scan results.
Back End
Accepts registrations from providers.
Testing of provider accuracy.
Negotiates with providers for scanning tasks.
Queries providers for status updates / Accepts status updates.
Collects and analyses empirical data to allow fine-tuning of
provider negotiation and completion time estimates.
The basic theory of operation might be that people/organisations wishing
to a provide scanning service install the Agents on scanning hosts and
install the Provider Interface on a machine accessible to both Agents
and a Negotiator Interface. The provider registers with a negotiator
and provides its policy to it. The negotiator then performs some tests
(like 'here's a host I know all about, what can you tell me about it')
and when satisfied that the provider is genuine and functional, it adds
it to its list of providers with whom it can negotiate for scanning tasks.
Users log in to an account with the negotiator and request scanning
tasks and the negotiator, based on the information it has about
registered providers, submits the task to an appropriate provider.
There's obviously a big issue of trusting the scanning providers
(perhaps more so than trusting existing online scanners) and issues like
'can this kind of system ever be used to perform scans that require some
sort of credentials'. There's probably a whole raft of issues I've not
even thought about - I haven't really considered any abuse cases.
Regards,
jah
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: Nmap SoC Ideas?, (continued)
- Re: Nmap SoC Ideas? David Fifield (Mar 17)
- Re: Nmap SoC Ideas? Henri Salo (Mar 17)
- Re: Nmap SoC Ideas? liu xiaohui (Mar 17)
- Re: Nmap SoC Ideas? liu xiaohui (Mar 17)
- Re: Nmap SoC Ideas? David Fifield (Mar 17)
- Re: Nmap SoC Ideas? Fyodor (Mar 20)
- Re: Nmap SoC Ideas? Ron (Mar 20)
- Re: Nmap SoC Ideas? Rahul Golwalkar (Mar 20)
- Re: Nmap SoC Ideas? Fyodor (Mar 21)
- Re: Nmap SoC Ideas? Fyodor (Mar 20)
- Re: Nmap SoC Ideas? Ron (Mar 20)